Source: Katina Michael with Rebecca Herold, October 2, 2019, “Principles of Professional Ethics in the Workplace”, Data Security and Privacy: Voice of America, https://www.voiceamerica.com/
Citation: Katina Michael with Gemma Veness, June 2, 2019, “United States visa applicants now required to hand over social media usernames”, ABC24hour News: Afternoons, https://www.abc.net.au/news/newschannel/
For an alternate perspective: https://www.abc.net.au/news/2019-06-04/us-visa-rules-social-media-accounts/11174262
Government leaders & law enforcement are trying to force tech companies to put backdoors in encryption in the name of public safety. There are 750,000 law enforcement employees & 1/2 million US intelligence agencies community employees who may use those backdoors, & likely many others worldwide. Strong encryption is available throughout the world. If businesses & general public are forced to use encryption with back doors, will cybercrooks will be the only ones using strong encryption; those the backdoors were intended to be used on to begin with? How will Australia’s new law requiring encryption backdoors impact data security & privacy? Who has oversight of that law? How will it impact other countries? Does any evidence prove encryption backdoors have improved safety/security? Rebecca discusses these and related issues with Dr. Katina Michael, Arizona State University director of the Centre for Engineering, Policy and Society. Katina is also a privacy and uberveillance pioneer.
Source: Katina Michael with Rebecca Herold, 5 February 2019, “Will Australia’s Encryption Law Kill Privacy in the Name of Safety?”, Data Security and Privacy: Voice of America, https://www.voiceamerica.com/show/episode/112884
As the Federal Government today pushes the button to create My Health Records for every Australian who wants one, the industry has stepped out asking for more transparency around security and secondary use of the records to enable people to make more informed decisions about it.
The industry has also voiced out about data de- and re-identification, a global approach to cybersecurity issues as healthcare digitises, information security requirements of the future and blockchain as a way to alleviate some of the challenges associated with the My Health Record system.
On 26 November 2018, the Federal Parliament passed legislation to strengthen privacy protections in My Health Records Act 2012 without debate or division.
The new legislation means that Australians can opt in or opt out of My Health Record at any time in their lives. Records will be created for every Australian who wants one after 31 January and after then, they have a choice to delete their record permanently at any time.
The date of 31 January follows much deliberation from the Federal Government to extend the opt-out date. Australians initially had until 15 October 2018 to opt out of the national health database, or a My Health Record was to be created for them by the end of that year.
But following the opposition calling for an extension to the opt-out period, the public outcry against the potential for the data to be shared with police and other government agencies, a leaked government document detailing the Australian Digital Health Agency’s response to concerns and a raft of changes recommended by the Senate Inquiry into My Health Record, the Federal Government pushed this date back and relaxed its stance on when Australians can opt in or opt out of the system.
Australian Academy of Technology and Engineering (ATSE) President Professor Hugh Bradlow said the collection of health data across the population will result in better health outcomes as it not only shows how effective interventions are, but also allows treatments to be personalised based on the experience of thousands of other patients.
“New forms of measurement (based on artificial intelligence) will also give patients far more significant information about institutional performance, practitioner performance, the outcomes of specific interventions, etc.” he said.
The Society of Hospital Pharmacists of Australia (SHPA) Chief Executive Kristin Michaels said the My Health Record debate highlighted the need for an integrated ehealth system, accessible only to health professionals and set up at the request of health organisations, for the benefit of all Australians.
"All Australians, regardless of any illness or condition, deserve to get the highest-quality care,” Michaels said.
“More often than many would think, patients are unable to explain the medicines they are already taking and for what conditions they are already being treated, particularly after a seizure or if unconscious. Many of these patients are unaccompanied. Sometimes this lack of information leads to errors that have serious impacts on people’s lives.
“[Hence] hospital pharmacists have long called for a shared, electronic patient data system that links up a fragmented health system and empowers patients in their own care."
The issue of security
However, University of Melbourne Department of Computing and Information Systems Cybersecurity Senior Lecturer Associate Professor Vanessa Teague expressed her concerns around the privacy implications of secondary uses of My Health Records not being accurately explained.
“Both doctors and patients can be easily and confidently identified in a dataset… In the case of patients, this means that a few points of information, such as the patient's age and dates of surgeries or childbirths, is enough to identify the person and thus, retrieve all their Medicare bills and PBS [Pharmaceutical Benefits Scheme] prescriptions for many years.
“Easy and confident re-identification has been demonstrated on numerous other datasets that were shared in the mistaken belief that they were de-identified. It is probably not possible to securely de-identify detailed individual records like My Health Records without altering the data so much that its scientific value is substantially reduced.”
Teague said patients may choose to opt out of secondary uses of their data but are unable to make a “genuinely informed decision” if they are inaccurately told that their detailed record cannot be identified.
“Even more importantly, those whose identifiable MBS [Medicare Benefits Schedule]-PBS records were already published in 2016 should be notified, because the earlier release could make re-identification of their My Health Records much easier,” she said.
Harvard Medical School International Healthcare Innovation Professor Dr John Halamka also previously criticised the system for relying on outdated technology, saying that the $2 billion My Health Record was nothing more than “digitised paper” as it uses such “out-of-date” technology that crucial patient information on test results and diseases are unable to be read or shared by computers.
University of Wollongong School of Computing and Information Technology Professor Katina Michael said health data breaches, for some, could have a huge impact.
She used the recent example from Singapore, where 1.5 million Singapore health records were breached in a highly targeted effort on SingHealth. Among the breached health records was Singapore Prime Minister Lee Hsien Loong's personal records.
“What does this tell us when one of the world's most advanced cybersecurity nations suffers such a large-scale attack? Plainly, that no one's personal information is safe, no matter the measures in place,” she said.
"If we have learnt anything over the last four months, it is that electronic health records are hackable. We need not have to look too far to see that no system is impenetrable.”
Michael also speculated that there is the possibility of a ramp up of blockchain initiatives to beef up on My Health Record security.
“We will likely be told in the not too distant future that we wildly underestimated our security requirements and as such, must go one step further and protect our credentials,” she said.
According to Professor Michael, this involves the implant of a 16-digit Personal Health Record (PHR) ID number into people that also reads vital signs while embedded. This technology then alerts first responders of ailments and medications without the need for the person to provide any information.
ATSE’s Bradlow said the industry needs to be “realistic” about it as the danger of data leaking due to cyber hacking is as true as hacking any other data system.
“Let’s remember that many [healthcare professionals] have easy access to today’s paper-based health records – an electronic record is actually a step up in privacy. Within My Health Record, we can make it the default to require a patient access code,” he said.
“A well-designed record system which is managed by a professional security organisation and has a clear audit trail, for example, provided by blockchain, can mitigate this risk significantly."
Source: Hafizah Osman, 31 January 2019, “Industry calls for more caution over MHR system”, https://www.healthcareit.com.au/article/industry-calls-more-caution-over-mhr-system
Note: Thank you Hafizah Osman— interestingly I was referring to the VeriChip experiment of the PHR that Dr John Halamka trialled for a short time and wrote about in 2006 here: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC1656959/
A University of Wollongong data expert has labeled the government's proposed encryption laws delusional and warns they could have catastrophic consequences.
The changes would force technology companies to help police access encrypted messages.
Professor Katina Michael, from the School of Computing and Information Technology says the powers are unprecedented and have no oversight.
She is speaking to ABC reporter Kelly Fuller.
Citation: Katina Michael with Kelly Fuller, “Rushed Encryption Laws Herald a Watering Down in National Security”, ABC Illawarra: Radio, 6 December 2018, https://soundcloud.com/kelfuller/data-expert-warns-encryption-laws-could-have-catastrophic-outcomes
Jackie and He Luman, October 12, 2018, “专家解读:入境新西兰被要求交手机和密码该怎么做?”, China News, http://www.chinanews.com/hr/2018/10-12/8648054.shtml
What opportunities and challenges do digital technologies present for the development of our society?
I truly believe that we can harness technology for good. That information and communication technology is key to achieving the Sustainable Development Goals. But more than this? We need to be human. Being human means that we can achieve anything together through compassion, care, foresight, and long-term sustainability. Right now we use technology in ways that helps us to gain access to critical information, but also as a means to become more engrossed in ourselves and our personal interests alone. What about the public interest? What about public interest technologies like those being suggested by the SDG Academy an all of its speakers? Think on doing this rewarding course. It takes a mission critical view of how technology can be used (or abused) as a tool for dis(empowerment). We have a choice- from our perspective the choice is easy- we MUST use technology for good.
My involvement was in 3 MOOCS related to: privacy, data rights, security and ethics, with a heavy emphasis on human rights throughout. Stay tuned for more.
About this course
Tech for Good was developed by UNESCO and Cetic.br/NIC.br, the Brazilian Network Information Center’s Regional Center for Studies on the Development of the Information Society. It brings together thought leaders and changemakers in the fields of information and communication technologies (ICT) and sustainable development to show how digital technologies are empowering billions of people around the world by providing access to education, healthcare, banking, and government services; and how “big data” is being used to inform smarter, evidence-based policies to improve people’s lives in fundamental ways.
It also addresses the new challenges that technology can introduce, such as privacy, data management, risks to cybersecurity, e-waste, and the widening of social divides. Ultimately, Tech for Good looks at the ways in which stakeholders are coming together to answer big questions about what our future will look like in a hyper-digitized world.
This course is for:
Technology specialists who want to understand more about how ICT is being used to improve people’s lives around the world.
Sustainable development practitioners who need to understand the opportunities and limitations of technology in a development context.
Advanced undergraduates and graduate students interested in the key concepts and practices of this exciting and ever-changing field.
What you'll learn
ICT can improve access to knowledge and services, promote transparency, and encourage collaboration
Responsible collection and use of data requires governance, security, and trust
ICT projects should be contextualized and inclusive
Technology is not neutral! Be aware of bias in design and implementation
Module 1: Welcome to the Digital Age
Introduction to the Course
Bridging the Digital Divide
Three Approaches to ICT for the SDGs
Module 2: Technology for Governments and Citizens
Equity and Access to Services
User-Driven Public Administration
It's All About the Data
The Open Government Approach
Case Study: Aadhaar in India
The Challenges of Digital Government
Module 3: ICT Infrastructure
Enabling ICT: The Role of Infrastructure
Promoting Digital Inclusivity
Innovations in Infrastructure
Building Smart Sustainable Cities
ICT as Infrastructure: A Look at Societal Platforms
Module 4: ICT Innovations in Health
Achieving Universal Health Coverage
Improving Healthcare Delivery
Involving the Community
Evidence in Action: Success Stories of ICT and Health
Emerging Challenges and Opportunities
Module 5: Learning in Knowledge Societies
The Ecosystem of ICT for Education
Education for a Connected World
Sharing Knowledge: ICT, Openness, and Inclusion
Measuring ICT and Education: Frameworks
Measuring ICT and Education: Data and Indicators
Rethinking ICT for Education Policies
Module 6: Promoting Financial Inclusion
An Introduction to Financial Services
The Potential of Digital Platforms
Mobile Payments for Marginalized Communities
ICT for Enabling Access to Credit
Replacing the Cash Economy
The Challenges of ICT-enabled Financial Inclusion
Module 7: Measurement and Metrics
Managing Data for the SDGs
ICT Innovation for Statistical Development
Engaging with Data: Communications and Citizen Empowerment
Case Study: Brazil’s Cetic.br
ICT for Monitoring the SDGs
Limitations of ICT for Monitoring the SDGs
Module 8: Artificial Intelligence
An Introduction to Artificial Intelligence
Who Drives the Agenda on “AI for Good”?
Implications for Discrimination and Exclusion
The Human Side of AI: Risks and Ethics
Module 9: Concerns for our Digital Future
Privacy and the Importance of Trust
Knowing your Data Rights
The Downsides of Digital
Module 10: The Way Forward
The New Workforce: Six Points about the Future of Work
The Meaning of Work in the Digital Era
The Open Movement
Closing Thoughts on ICT for the SDGs
Original link here: https://www.edx.org/course/tech-for-good-the-role-of-ict-in-achieving-the-sdgs
The Health Minister has defended My Health Record as having Defence-level security, as the Shadow Minister declares the beginning of the opt-out period “shocking”
And experts have highlighted a number of areas of concern around privacy, with one calling the record “a major honeypot of health data, waiting to be hacked”.
Health Minister Greg Hunt has told Fairfax Media that the system, which has been active for six years – though has only become opt-out recently following a trial in two parts of the country – has military-grade security and has never been breached.
The My Health Record system has multiple layers of security to protect access to the system, including defence level encryption, secure gateways and firewalls, authentication mechanisms, and malicious content filtering, he said in a statement this week.
The Australian Digital Health Agency’s Cyber Security Centre monitors for suspicious activities and the centre will trigger an investigation when required, Mr Hunt said.
He also told ABC Radio Melbourne’s Jon Faine that he is “very comfortable” with the system, and that individuals have “total control” over their record.
During the interview ABC staff attempted to sign onto the My Health Record system and an error message was returned.
“The system’s not working as you speak and say anyone at any time, as you just said. In fact, it’s not working,” Mr Faine told the Minister, who said in response that “we have six million Australians doing it”.
“I guess the alternative is—are we saying that Australia shouldn’t have a modern system that allows for diagnoses, medicine, other records, vaccination, all to be available to the consumer?” Minister Hunt said.
Shadow Minister for Health and Medicare Catherine King said that “Greg Hunt must immediately explain what he’s doing to address the problems plaguing his e-health rollout, which are preventing people from opting out of the My Health Record”.
“The first 24 hours of the opt-out period have been a disaster – confirming Labor’s fears that Malcolm Turnbull and Greg Hunt are simply incapable of getting a rollout of this size and ambition right,” she said.
“This Government is far from competent. They have a woeful record on IT security, privacy and basic digital functionality.
“They gave us census fail, the robodebt debacle, and then allowed Australians’ Medicare data to be sold on the dark web. And now they have stuffed up the launch of the My Health Record opt-out period.”
She said that Labor supports e-health but the Government has mishandled the My Health Record process, saying people experienced “long delays and technical faults” as they attempted to opt out on Monday, 16 July, the first day on which they were able to do so.
Dr Katina Michael, a professor in the School of Computing and Information Technology at the University of Wollongong, said that electronic health records make sense but “must be done the right way”.
The prospect for data discovery, patient welfare, and convenience is a value proposition that must be weighed up against risks and potential costs to individuals.
“Privacy breaches are asymmetric. But the type of confidential information stored on an electronic health record, is unlike having merely your identity credentials stolen—it is like having your whole personhood exposed in terms of your condition, medication, past acts, and more,” she says.
“There are massive implications for those working in pressured workplaces who may have their health record used against them- e.g. pilots, doctors, surgeons, healthcare workers.
“The implications for whether health insurance companies will have access to this data in the future is also questionable. Will it cost more to insure a child suffering from autism, or one born with Down Syndrome versus a child who seemingly is ‘normal’. Might this cause a chilling effect over disclosure of illnesses, meaning the people who need the care the most are disadvantaged from the outset?
“We need to make people aware of the pros and cons of opting-out, but we also need better more honest reporting by government about some of the potential risks, in essence, to better inform the public.
“What we have now is a major honeypot of health data, waiting to be hacked for the taking and be available on the dark web.
“We also need to call for urgent reforms, that if data is compromised, there is a privacy tort allowing people to sue the company or GP or government that has allows a data breach to occur.”
Bruce Arnold, an Assistant Professor in the School of Law at the University of Canberra, said that My Health Record has been “sadly oversold”.
“Implementation of My Health Record shows that the Australian government has learnt nothing from the UK e-health trainwreck,” he said.
“In the UK patients, health practitioners, IT specialists and privacy lawyers alike condemned inadequate governance, misunderstanding of risk and disregard for patient autonomy. The UK government belatedly heeded those criticisms in, for example, the 2013 Caldicott report Information: To Share Or Not To Share? Independent review of how information about patients is shared across the health and care system. Australia has not.
“A properly designed and implemented national e-health regime offers considerable benefits for patients, clinicians and researchers. The risks of an insecure system that conscripts patients (and assumes de-identification will enable problem-free sale of bulk health data) greatly outweigh those benefits.
“Legal protection for patient privacy under My Health Record are for example inadequate. So is the IT framework. Audit trails will not reclaim a patient’s privacy when a data breach occurs.”
The PSA, however, has welcomed the the Australian Digital Health Agency’s invitation for Australians to join My Health Record.
“My Health Record will empower Australians to take ownership of their health information by managing privacy and controlling who has access to their health information,” says national president Dr Shane Jackson.
“Pharmacists now will be able to more actively support patients with their medication management needs, especially those with complex chronic disease. These patients often take multiple medications and a connected My Health Record system will ensure health professionals have the information they need at the point of care to support patients with their healthcare.
“Pharmacists have a vital role to play wherever medicines are used, and PSA, as the peak national body for pharmacists, is collaborating with the Agency to help pharmacists guide their patients through this important decision.
“The information in My Health Record will allow pharmacists to provide better coordinated care for their patients, which is why over 3,200 pharmacies are already connected to the system.”
Source: Megan Haggan, July 17, 2018, "Opt-Out Period Begins with 'Disaster', Australian Journal of Pharmacy Blog, https://ajp.com.au/news/opt-out-period-begins-with-disaster/
Today marks the beginning of the opt-out period for the nation wide medical information database called the "my health record". If a person does NOT want their medical information stored in a government run database, they have until October 15th to leave the program.
Despite concerns about privacy from the public and interested groups, Dr Steve Hambelton from the Australian Digital Health Agency said, "I can absolutely categorically state that none of the ... My Health Record data will be able to be sold to third parties — that's absolutely prohibited,"
But despite calls from the government for trust in the system, personal privacy remains a point of contention in the medical database. Could it be hacked by a malicious party? What safeguards are in place? Just who has access to the data?
To discuss privacy concerns I spoke to Dr Katina Michael, professor in the School of Computing and Information Technology at the University of Wollongong.
And later on in the show, Rohan McKnight, Digital Health Manager South Eastern NSW Primary Health Network, a company contracted to gather some of the data, joined us.
Citation: Katina Michael with Lindsay McDougall, July 16, 2018, "Opting Out of MyHealthRecord", ABC Illawarra 96.7FM, https://soundcloud.com/doctormcdougall/my-health-report-soundcloudmp3
Sources of Information for Consideration:
The damning evidence is mounting on CA. Today it was announced that CEO Alexander Nix has been suspended from his position given a Channel 4, UK covert sting recording.
Citation: Katina Michael with Cassie McCullagh, March 21, 2018, "Psychometrics, big data, data-driven approaches, microtargetting, and you", ABC Sydney Radio: FOCUS: http://www.abc.net.au/radio/sydney/programs/focus/focus/9549448
Earlier this week, Australian university student Nathan Ruser discovered a security threat through fitness app Strava. The app allows for a user to access a global heatmap to show a network of athletes. However the map showed very clearly sensitive information including the locations and running routines of military personnel at bases in the Middle East and other conflict zones, posing a global threat. The Daily was joined on the line by Dr Katina Michael from the Faculty of Engineering and Information Sciences at the University of Wollongong to discuss how much of a security risk this poses.
Citation: Katina Michael, Sean Britten, "The New Visibility: Open Intelligence, Location Data & Voluntary Crowdsourcing", 2SERfm.com, The Daily Beast, February 2, 2018, https://2ser.com/stravas-security-threat-reveal/
Other sources: http://www.abc.net.au/news/2018-01-30/strava-heatmap-shows-someone-is-cutting-laps-around-pyongyang/9370778
Your face is becoming the latest weapon in the world of digital surveillance, and the humble driver's licence looms as a game-changer in tracking individuals through both the real and virtual world.
Experts warn your biometric data may already be vulnerable to misuse by criminals and terrorists, as the proliferation of mobile cameras combined with social media and ubiquitous CCTV feeds mean we're caught on screen more than ever before.
- Biometric data builds an online profile using your photo, age and address
- This can then be matched against photos gathered from the internet or CCTV
- The data can be used by government agencies, along with companies and criminals
Driver's licences will be added to the Commonwealth Government's already vast biometric databases after it struck an agreement with the states and territories, handing authorities access to an unprecedented level of information about citizens.
A system known as "the interoperability Hub" is already in place in Australia, allowing agencies to take an image from CCTV and other media and run it against a national database of passport pictures of Australian citizens — a process known as "The Capability".
But soon driver's licences will be added to the system, allowing both government and private entities to access your photo, age and address.
It is a $21 million system being sold as a way to tackle terrorism and make commercial services more secure.
But experts warn people now risk losing control of their biometric identity entirely as commercial interests, governments and organised crime gangs all move to capture more personal metadata for their own gain.
Driver's licences change the biometric game
Technology and legal expert Professor Katina Michael said about 50 per cent of the population already had some kind of visual biometric stored in a nationally-accessible database, but the inclusion of drivers licenses would see the proportion of Australians scooped up in the net swell to about 80 per cent.
She said one of the biggest risks of the collection of biometric data was not deliberate misuse by the AFP, ASIO or another government agency, but rather vulnerabilities in the way biometrics work.
Who can access your biometric data?
Document Verification Service (DVS) - government and private sector
- Companies and government can run an identity document through a database to see if it matches information held on file, and that the document has not been revoked
- Individual must consent before DVS used
Face Verification Service (FVS) - government and private sector
- Enables a facial image of an individual to be compared against government records of that same individual, such as passports and drivers licences
- Individual must consent or a legislative basis must be established to collect the information, and use must comply with the Privacy Act
Face Identification Service (FIS) - only law enforcement agencies can use
- A facial image can be compared against multiple facial images held on a government database, including Australian citizens' passport photos and now driver's licences.
- Multiple records of people who have a close match to the image are usually returned
- An agency must have a legislative basis or authority to collect and use the information
- Access is restricted to law enforcement agencies or those with national security related functions
"It's not like a one-on-one match, where you put (in) an individual's face and say: 'they're a suspect'," Professor Michael said.
"But rather what you get returned is a number of possibilities … you might get back 15, or 20, or 30, or 50 matches.
So you might have 50 innocent people being suspects, rather than the person that you're trying to catch
Professor Michael said this meant that while over time a person's name might be cleared, their data could remain in a database linked to a criminal investigation.
"And then I'm thinking, what happens to their level of innocence as time goes on, because they accidentally look like a minority group?" she said.
She said real criminals and terrorists would opt out of the system, choosing not to have passports and driver's licenses in a bid to escape the net.
"Of course, if you've done nothing wrong, the old adage says you're fine. But increasingly, we don't know if we're fine," she said.
The rise of 'uberveillance'
Professor Michael said modern surveillance methods employed by law enforcement were not just limited to CCTV — they now incorporated vast amounts of metadata and social media, leading to a concept known as "uberveillance" in which people were constantly monitored.
"What we have now are digital footprints that we all leave behind," she said.
"Phone call records, internet searches, credit cards and even the data on your electronic train or bus ticket can be used to track your movements and activity.
"It brings together all these various touchpoints, telecommunications records, travel data via tokens, facial recognition on federal databases, your tax file number … that's accessible depending on the level of crime and social media.
"You've got this very rich almost cradle-to-grave kind of data set that's following you."
Organised criminals want your identity
Stephen Wilson runs Lockstep Consulting, a Sydney-based firm which researches and tracks trends in biometrics in the corporate and government spheres, and advises clients on best-practice.
He said at the moment very secure biometric systems took quite a long time to process images accurately.
Problems arose when consumer convenience, such as being able to unlock a phone or access a bank account with a quick face or fingerprint scan, trumped security.
"No police force, no public service, no business is ever perfect, there is always going to be corrupt people," Mr Wilson said.
"The more exposure we have to electronic databases, the more exposure we have to biometric matching, it's only a matter of time before these bad actors succumb to temptation or they succumb to corruption and they wind up using these systems inappropriately."
Your biometric twin is out there
Mr Wilson said biometrics were creeping into consumer services like bank accounts and online betting facilities, with customers asked to send a picture of their licence and a "selfie" that will be run through an identity matching service.
"The real risk is that bad actors will take people's photos, ask for a match, and get back a series of matches of people that are kind of like your biometric twin," he said.
"We've all got doppelgangers, we've all got people in public that look just like us.
"If you're trying to perpetrate a crime, if you're organised crime, and you're trying for example to produce a fake driver's licence, it's absolute gold for you to be able to come up with a list of photos that look like 'Steve Wilson'."
Technology companies like Apple and Samsung have championed the use of biometrics such as fingerprints, and this has taken a step further with facial recognition becoming more common thanks to the release of the iPhone X.
However Mr Wilson said a key difference was that information stayed on the phone, while banking and other commercial interests trying to use your biometrics to confirm your identity could be storing it on a server anywhere.
"Do you really want your photo, which is a pretty precious resource, sent off to a company perhaps on the other side of the world just so you can get a quick bank account or quick betting service set up?" he asked.
What will happen next?
An annual industry survey conducted by the Biometrics Institute, known as the Industry Trend Tracker, has nominated facial recognition as the biometric trend most likely to increase over the next few years.
Respondents believed privacy and data protection concerns were the biggest constraint on the market, followed by poor knowledge of decision makers, misinformation about biometrics and opposition from privacy advocates.
The Australian law reform commission says biometric systems increasingly are being used or contemplated by organisations, including in methadone programs, taxi booking services, ATMs and online banking, and access to buildings
Dr Michael said governments needed to be very cautious about how they applied this rich new source of data in the future.
She said governments were building these agreements between themselves and corporations in a bid to stamp out fraud, but that goal was not always achieved and the potential for mistakes was vast.
"What we have is this matching against datasets, trying to find the needle in the haystack," she said.
"Often what happens is we don't find the needle."
A statement from the Department of Home Affairs said the Australian Government was exploring making the Face Verification Service available to the private sector, but nothing had started at this point.
It said arrangements for private sector access would be informed by an independent privacy impact assessment and those using it would need to demonstrate their lawful basis to do so under the privacy act and where they had gained consent to use a person's image.
Source: Rebecca Trigger, January 15, 2018, "Experts sound alarm as biometric data from driver's licences added to government database", ABC News, http://www.abc.net.au/news/2018-01-15/alarm-raised-as-drivers-licences-added-to-government-database/9015484
Reprinted in The New Daily here: https://thenewdaily.com.au/news/national/2018/01/15/biometric-data-drivers-licences-government-database/
Furthermore, an interview with Professor Brian Lovell from the University of Queensland on the ABC further demystifies facial biometrics and the government's use of The Capability: http://www.abc.net.au/news/2018-01-15/professor-says-nothing-to-fear-from-federal/9330626
Kekhawatiran Semakin Terbukanya Data Pribadi di Era Digital
Senin, 15 Januari 2018 11:05 WIB
Wajah kita menjadi alat terbaru dalam dunia pengawasan digital. Dan di Australia kartu izin mengemudi mulai digunakan untuk melacak orang-orang, baik di dunia nyata maupun dalam dunia maya.
- Sistem biometrik adalah mengenali seseorang berdasarkan ciri-ciri fisik, karakter, dan perilakunya
- Data biometrik menggunakan data pribadi online lewat foto, usia, dan alamat tinggal
- Data pribadi ini kemudian dicocokan dengan gambar yang terekam CCTV atau foto di internet
- Data bisa digunakan oleh agen pemerintah, termasuk perusahaan, bahkan kelompok kejahatan
Para ahli memperingatkan data biometrik milik kita mungkin sudah rentan disalahgunakan oleh komplotan penjahat dan teroris, karena maraknya gabungan penggunaan telepon dan jejaring sosial serta adanya kamera CCTV dimana-mana, sehingga kita lebih sering tertangkap kamera.
Kartu izin mengemudi akan ditambahkan ke database biometrik di Australia, setelah adanya kesepakatan dengan negara-negara bagian dan wilayah khusus, sehingga pihak berwenang dapat mengakses informasi soal warga mereka dengan cara yang belum pernah ada sebelumnya.
Sebuah sistem yang dikenal dengan sebutan 'The Interoperability Hub' sudah ada di Australia, yang memungkinkan pihak-pihak berwenang untuk mengambil foto dari CCTV atau media lainnya yang kemudian dicocokkan dengan database foto-foto dari paspor. Proses ini dikenal dengan sebutan 'The Capability.'
Tetapi, setelah kartu izin mengemudi masuk ke sistem database baru, maka pemerintah dan sejumlah pihak swasta dapat mengakses foto, usia, dan alamat Anda.
Sistem ini sudah menghabiskan $21 juta, senilai Rp 210 miliar, sebagai cara untuk mengatasi terorisme dan membuat layanan komersial lebih aman.
Namun para ahli memperingatkan kini warga beresiko kehilangan biometrik mereka sama sekali, karena pihak komersial, pemerintah dan kelompok kejahatan terorganisir berupaya untuk mendapatkan lebih banyak data pribadi demi keuntungan mereka sendiri.
Kartu izin mengemudi jadi sumber data baru
Kartu izin mengemudi di Australia sudah ditambahkan sebagai sumber data biometrik
Pakar teknologi dan hukum, Profesor Katina Michael mengatakan sekitar 50 persen populasi Australia telah memiliki semacam biometrik visual tersimpan dalam database yang dapat diakses secara nasional. Namun dengan digunakannya kartu izin pengemudi akan menyebabkan lebih banyak data pribadi warga yang tersimpan dan membuat jumlahnya naik 80 persen.
Profesor Michael mengatakan salah satu risiko terbesar dari pengumpulan data biometrik adalah bukan penyalahgunaan yang tidak disengaja oleh kepolisian federal Australia (AFP), agen intelijen Australia (ASIO), atau agen pemerintah lainnya, melainkan kerentanan cara kerja biometrik yang rentan.
"Ini bukan seperti Anda memasukan wajah seseorang kemudian mengatakan, 'mereka adalah tersangka'," kata Profesor Michael.
"Tapi yang kita dapatkan adalah sejumlah kemungkinan... mungkin ada 15, 20, 30, atau bahkan 50 kemiripan."
Jadi, yang akan didapatkan bukan satu orang yang akan ditangkap, melainkan 50 orang yang tak bersalah menjadi tersangka.
Profesor Michael menjelaskan ini berarti bahwa meski nama seseorang bisa dipulihkan seiring waktu jika terbukti tidak bersalah, tapi masih ada dalam database yang terkait penyelidikan kriminal.
Orang diawasi secara terus menerus
Teknologi baru bisa memantau dan mengenali wajah orang di kerumunan.
Profesor Michael mengatakan metode pengawasan modern yang digunakan penegak hukum tidak hanya terbatas pada CCTV. Mereka juga sekarang bisa memasukkan sejumlah besar metadata dan jejaring sosial, yang mengarah ke konsep dengan sebutan "uberveillance" di mana orang-orang dipantau secara terus menerus.
"Sekarang kita memiliki 'jejak digital' yang ditinggalkan semua orang," katanya.
"Catatan panggilan telepon, apa yang dicari di internet, kartu kredit, bahkan data pada kartu elektronik kereta atau bus dapat digunakan untuk melacak pergerakan dan aktivitas Anda."
Survei industri tahunan yang dilakukan oleh Biometrics Institute, yang dikenal sebagai 'Industry Trend Tracker', telah menyatakan teknologi pengenalan wajah kemungkinan akan menjadi tren biometrik yang meningkat dalam beberapa tahun ke depan.
Para responden survei merasa masalah privasi dan perlindungan data sebagai kendala terbesar, diikuti dengan pengetahuan yang buruk para pengambil keputusan, kesalahan informasi soal biometrik, serta penolakan dari pendukung privasi.
Komisi reformasi hukum Australia mengatakan sistem biometrik semakin banyak digunakan atau dipertimbangkan oleh banyak organisasi, termasuk program rehabilitisi narkoba, layanan pemesanan taksi, ATM dan perbankan online, serta akses masuk ke gedung.
Profesor Michael mengatakan pemerintah harus sangat berhati-hati dalam menerapkan sumber data baru yang melimpah ini di masa depan.
Menurutnya pemerintah sedang membangun kesepakatan antara pihaknya dengan sejumlah perusahaan untuk berupaya menghindari kecurangan, namun seringkali tidak tercapai dan potensi menyalahgunakan sangatlah luas.
"Apa yang kita lakukan dalam mencocokan dengan kumpulan data adalah seperti menemukan jarum di tumpukan jerami," katanya.
Dalam pernyataan Departemen Dalam Negeri disebutkan Pemerintah Australia sedang menjajaki pembuatan layanan verifikasi lewat pengenalan wajah untuk sektor swasta, namun upaya ini belum dimulai.
Disadur dari laporan aslinya dalam bahasa Inggris yang bisa dibaca disini.
The war between robots and humans is heating up
Citation: John Elder, December 23, 2017, "The war between robots and humans is heating up", The New Daily, https://thenewdaily.com.au/life/tech/2017/12/22/robots-vs-humans-war/.
Citation: Katina Michael with Kate O'Toole, October 5, 2017, "Privacy Issues Related to Proposed National Biometric System in Australia", ABC Darwin: Drive, 5.35-5.45PM. Available: http://www.abc.net.au/radio/darwin/programs/drive/drive/8999158
– Professor Katina Michael – Professor at the School of Computing and Information Technology at University of Wollongong chats to Trevor Long and Nick Bennett on Talking Technology about facial recognition technology and whether it could distinguish between twins.
Citation: Katina Michael speaks with Trevor Long and Nick Bennett, "Can twins fool facial recognition technology?", Talking Technology on Talking Lifestyle at 8.40pm-9.00pm, September 7, 2017.
A camera can tell you’re a criminal, just by looking at your face. It could be a dystopian nightmare...or the end of terrorism. Jennifer Luu reports.
But iOmniscient’s capabilities don’t stop there. The program can detect criminals and suspicious behaviour in real time, merely by by observing the faces and behaviour of passersby.
CEO Rustom Kanga said: “The technology is based on what we call artificial intelligence technology, which attempts to emulate how humans think...it understands what is happening in the environment and it learns from mistakes.”
eople have “gone and killed themselves, taken their own life, because they’ve been flagged in one of these systems.” - Professor Katina Michael, Australian Privacy Foundation
r Kanga is adamant that facial recognition is the answer to crime and even terrorism; it could “prevent incidents like the Brussels attack”.
“There are things that humans can do very well...however, for repetitive activity and activity involving large masses of data, a computer is much more effective,” said Dr Kanga.
“If you had to recognise ten thousand unknown people in a crowded football stadium, a human being would be useless at that, but a computer can still do it.”
Founded in 2001, iOmniscient has since completed projects in 46 countries across 30 different industries. However, the company has faced criticism over privacy concerns.
Professor Katina Michael, a board member of the Australian Privacy Foundation, believes that facial recognition is inherently biased. She fears there’s a fine line between what is considered normal and abnormal behaviour or appearance.
“Are they are singling out people of a racial minority, people who are different? For instance, what do you do with people who are disabled? With people who are mentally ill who are queuing? And they haven’t done anything wrong...but they may be singled out because they just look different.”
The impact on wrongly identified suspects can be severe. Professor Michael recalls that people have “gone and killed themselves, taken their own life, because they’ve been flagged in one of these systems.”
“People don’t know, during the Boston Marathon somebody who was identified prematurely as being one of the people who detonated one of the bombs actually took his own life because he felt like he was being chased by the authorities and yet he was completely innocent.”
Original Source here
Citation: Katina Michael, Wendy Harmer, "When Google Maps Gets it Wrong", ABC Sydney Mornings, ABC Sydney 702, 9.10am -9.23am, April 21, 2017.
Some people have a good relationship with their bosses and others value their privacy.
However, the question lies whether it is necessary to have your boss on social media?
Dr Katina Michael from the Faculty of Engineering and Information Sciences at the University of Wollongong joined Brooke to discuss having your boss on social media and the potential safety breaches that this could face.
Citation: Katina Michael with Brooke Taylor, April 11, 2017, "Is It Necessary To Have Your Boss On Social Media?", 2SERFM, http://www.2ser.com/component/k2/item/28373-is-it-necessary-to-have-your-boss-on-social-media
Just last month, Google Maps launched a new location sharing service, allowing users to share their exact location with a contact for a period of time, or until the feature is shut off.
Professor Katina Michael from the University of Wollongong, who researched location tracking technology for more than a decade, said the potential for trauma associated with using such services was not often considered.
"We've been looking at the social implications of location services, and one thing we've found by doing experiments with people holding location-based devices like a smartphone or a GPS tracker is that there is an assumption of safety from the offset," Professor Michael said.
But data can be wrong, and she said people watching on could become distressed when these services displayed something unexpected.
Professor Michael said a man in one of her studies was watching his partner return from work, when she appeared to miss a train and stay behind on the platform.
He became stressed and imagined that she had intentionally stayed behind because she was with someone.
"In actual fact, she hadn't missed the train, she hadn't stayed behind," Professor Michael said.
"It's just that that's where the last location ping had occurred."
Location tracking 'gamifying' life
Professor Michael said location data could also cause stress for the person being tracked.
"If it's tracking them to the wrong location, it makes them very anxious," Professor Michael said.
"Because they know they're being watched by somebody else and they haven't done anything wrong. They've said they were going to be where they were and they are, but the location data is showing the wrong information."
Professor Michael said people using location sharing services, like parents tracking their kids, or carers tracking people with dementia, needed to be careful not to blindly trust the data.
In the case of Hall's death, the data was right.
And it is unlikely to be the last time such a tragedy unfolds, with people watching from home via location tracking services.
Professor Michael said that in sport in particular, location services would become more prolific and more public.
"It's gamifying life," she said.
"And when you gamify, observers start to flock and to watch, like the dot watchers in this race ... it's being enthralled in the spectacle."
Citation: Katina Michael cited in Jake Evans, April 9, 2017, "Mike Hall's death won't be last time tragedy unfolds via Google Maps, expert says", ABC News, http://www.abc.net.au/news/2017-04-09/mike-halls-death-watched-on-google-maps-by-thousands/8415522